tinc behind CISCO ASA 5506
Ramesh
nramesh1 at gmail.com
Sun Jan 15 15:30:03 CET 2017
when you say "home server" you want me to do this in tinc "histup" or
somewhere else OR on the firewall?
similarly do i have to add route on the PC that runs the tinc daemon?
Regards
Ramesh
On Sun, Jan 15, 2017 at 8:57 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Thu, Jan 12, 2017 at 09:27:45PM -0500, Ramesh wrote:
>
> > I have the following setup
> >
> > Home - Main Tinc server with public IP running on PfSense
> > work - tinc client running behind a CISCO ASA firewall with public IP
> running on Windows 10
> > offsite - tinc client running on tomato router behind a double NAT
> >
> > Home & offsite connect & i can see all PCs & devices & connect to them
> > easily, on either side
> >
> > work to Home or offsite connects (see log below) but i'm unable to
> connect
> > or ping any of the PCs or devices on either side.
>
> The main issue is how packets are routed. What I'm missing is your
> tinc-up scripts and for the Windows node, how the VPN interface is
> configured.
>
> > work host
> > Subnet = 192.168.1.66/32
> [...]
> > home config on host
> > Subnet = 192.168.11.0/24
>
> It looks like you have different subnets at work and home. You have to
> configure your home server to send packets for 192.168.1.66/32 to the
> VPN interface, and your work computer to send packets for
> 192.168.11.0/24 to its VPN interface.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170115/75dd1b1b/attachment.html>
More information about the tinc
mailing list